diff --git a/meshrelay.js b/meshrelay.js index 804ed9aa..d555bf19 100644 --- a/meshrelay.js +++ b/meshrelay.js @@ -958,6 +958,12 @@ function CreateLocalRelayEx(parent, ws, req, domain, user, cookie) { // If there is no authentication, drop this connection if (obj.user == null) { try { ws.close(); parent.parent.debug('relay', 'Relay: Connection with no authentication'); } catch (e) { console.log(e); } return; } + // Use cookie values when present + if (cookie != null) { + if (cookie.nodeid) { req.query.nodeid = cookie.nodeid; } + if (cookie.tcpport) { req.query.tcpport = cookie.tcpport; } + } + // Check for nodeid and tcpport if ((req.query == null) || (req.query.nodeid == null) || (req.query.tcpport == null)) { try { ws.close(); parent.parent.debug('relay', 'Relay: Connection with invalid arguments'); } catch (e) { console.log(e); } return; } const tcpport = parseInt(req.query.tcpport); 
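Review bot: In meshrelay.js the new cookie block assigns to `req.query.nodeid` and `req.query.tcpport` before the `req.query == null` check that follows it, so a request that has a cookie but no parsed query object would throw here instead of being closed cleanly. Move the block below that check or guard it, e.g. `if ((cookie != null) && (req.query != null)) {`. Letting the decoded cookie override the client-supplied values is the right precedence, but when the cookie carries neither field the target still comes from the query string, so whatever node access check CreateLocalRelayEx performs later (outside this hunk) stays the only control on which host and port are relayed. `parseInt(req.query.tcpport)` in the context lines has no radix; unless a range check follows outside the hunk, `parseInt(req.query.tcpport, 10)` plus a 1-65535 bound would reject malformed ports early.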
@@ -1057,16 +1063,20 @@ function CreateLocalRelayEx(parent, ws, req, domain, user, cookie) { // Setup TCP client obj.client = new net.Socket(); - obj.client.connect(obj.tcpport, node.host, function () { ws.send('c'); ws._socket.resume(); }); + obj.client.connect(obj.tcpport, node.host, function () { + // Log the start of the connection + obj.time = Date.now(); + var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: obj.user._id, username: obj.user.name, msgid: 13, msgArgs: [obj.id, obj.req.clientIp, obj.host], msg: 'Started relay session \"' + obj.id + '\" from ' + obj.req.clientIp + ' to ' + obj.host, nodeid: req.query.nodeid }; + parent.parent.DispatchEvent(['*', obj.user._id, obj.meshid, obj.nodeid], obj, event); + + // Start the session + ws.send('c'); + ws._socket.resume(); + }); obj.client.on('data', function (data) { try { this.pause(); ws.send(data, this.clientResume); } catch (ex) { console.log(ex); } }); // Perform relay obj.client.on('close', function () { obj.close(); }); obj.client.on('error', function (err) { obj.close(); }); obj.client.clientResume = function () { try { obj.client.resume(); } catch (ex) { console.log(ex); } }; - - // Log the start of the connection - obj.time = Date.now(); - var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: obj.user._id, username: obj.user.name, msgid: 13, msgArgs: [obj.id, obj.req.clientIp, obj.host], msg: 'Started relay session \"' + obj.id + '\" from ' + obj.req.clientIp + ' to ' + obj.host, nodeid: req.query.nodeid }; - parent.parent.DispatchEvent(['*', obj.user._id, obj.meshid, obj.nodeid], obj, event); }); } diff --git a/meshuser.js b/meshuser.js index b4b7494d..b9a178fc 100644 --- a/meshuser.js +++ b/meshuser.js 
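Review bot: In meshrelay.js the rewritten `obj.client.connect` callback runs `DispatchEvent` and `ws.send('c')` with no try/catch, unlike the `data` handler directly below it, so an exception from either (for instance the websocket closing while the TCP connect was pending) escapes from a socket callback instead of closing the relay. Wrapping the callback body as `try { ... } catch (ex) { console.log(ex); obj.close(); }` would match the surrounding handlers. Because the 'Started relay session' event is now emitted only after a successful connect, failed attempts leave no record: the `error` handler discards `err` and only calls `obj.close()`. Logging the failure there with `obj.host` and `obj.tcpport` would keep refused or unreachable targets visible in the relay audit trail. `obj.time` also stays unset until the connect succeeds, so anything obj.close() derives from it (not visible here) should tolerate undefined.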
@@ -4315,9 +4315,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use if (command.tcpaddr) { cookieContent.tcpaddr = command.tcpaddr; } // Indicates the browser want to agent to TCP connect to a remote address if (command.tcpport) { cookieContent.tcpport = command.tcpport; } // Indicates the browser want to agent to TCP connect to a remote port if (command.ip) { cookieContent.ip = command.ip; } // Indicates the browser want to agent to relay a TCP connection to a IP:port + if (node.mtype == 3) { cookieContent.lc = 1; command.localRelay = true; } // Indicate this is for a local connection command.cookie = parent.parent.encodeCookie(cookieContent, parent.parent.loginCookieEncryptionKey); command.trustedCert = parent.isTrustedCert(domain); - if (node.mtype == 3) { command.localRelay = true; } try { ws.send(JSON.stringify(command)); } catch (ex) { } }); break; diff --git a/mstsc.js b/mstsc.js index f6898e2a..675d27c6 100644 --- a/mstsc.js +++ b/mstsc.js @@ -60,6 +60,10 @@ module.exports.CreateMstscRelay = function (parent, db, ws, req, args, domain) { obj.relaySocket.on('end', function () { obj.close(); }); obj.relaySocket.on('error', function (err) { obj.close(); }); + // Decode the authentication cookie + var cookie = parent.parent.decodeCookie(obj.infos.ip, parent.parent.loginCookieEncryptionKey); + if (cookie == null) return; + // Setup the correct URL with domain and use TLS only if needed. var options = { rejectUnauthorized: false }; if (domain.dns != null) { options.servername = domain.dns; } 
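Review bot: In meshuser.js the local-relay decision now exists in two places on the added line: `cookieContent.lc = 1` inside the encrypted cookie and `command.localRelay = true` in the plain message sent to the browser. Only the cookie value is protected from client tampering, so server-side routing should rely on `lc` alone and treat `localRelay` (and the `&local=1` it adds to the page URL) as a display hint. A comment on this line would make that explicit, e.g. `// lc in the cookie is authoritative; localRelay is a UI hint only`. The bare `3` in `node.mtype == 3` would read better as a named constant or with the device type spelled out. The enclosing callback starts and ends outside the hunk.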
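Review bot: In mstsc.js `if (cookie == null) return;` exits silently after `obj.relaySocket` has been created and its handlers attached, so a cookie that fails to decode appears to leave that socket and the browser websocket open with nothing logged. Close and record it instead: `if (cookie == null) { parent.parent.debug('relay', 'RDP: Invalid authentication cookie'); obj.close(); return; }`. The field `obj.infos.ip` holds the login cookie here rather than an address, which deserves a comment since the same value is later forwarded as `auth=`. The enclosing function begins outside the hunk.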
@@ -67,7 +71,7 @@ module.exports.CreateMstscRelay = function (parent, db, ws, req, args, domain) {
 if (args.tlsoffload) { protocol = 'ws'; }
 var domainadd = '';
 if ((domain.dns == null) && (domain.id != '')) { domainadd = domain.id + '/' }
- var url = protocol + '://127.0.0.1:' + args.port + '/' + domainadd + 'meshrelay.ashx?noping=1&auth=' + obj.infos.ip;
+ var url = protocol + '://127.0.0.1:' + args.port + '/' + domainadd + ((cookie.lc == 1)?'local':'mesh') + 'relay.ashx?noping=1&auth=' + obj.infos.ip;
 parent.parent.debug('relay', 'RDP: Connection websocket to ' + url);
 obj.wsClient = new WebSocket(url, options);
 obj.wsClient.on('open', function () { parent.parent.debug('relay', 'RDP: Relay websocket open'); });
diff --git a/views/default.handlebars b/views/default.handlebars
index 7b769170..20f1b162 100644
--- a/views/default.handlebars
+++ b/views/default.handlebars
@@ -2476,7 +2476,7 @@
 var rdpurl = window.location.origin + domainUrl + 'mstsc.html?ws=' + message.cookie + (urlargs.key?('&key=' + urlargs.key):'');
 var node = getNodeFromId(message.nodeid);
 if (node != null) { rdpurl += '&name=' + encodeURIComponentEx(node.name); }
- if (message.localRelay) { url += '&local=1'; }
+ if (message.localRelay) { rdpurl += '&local=1'; }
 safeNewWindow(rdpurl, 'mcmstsc/' + message.nodeid);
 }
 break;
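Review bot: In mstsc.js the `url` built on the changed line carries the login cookie in `auth=`, and the next line writes the whole string to the relay debug channel, so anyone who can read debug output obtains a cookie that may still be valid. Log the endpoint without the token, e.g. `parent.parent.debug('relay', 'RDP: Connection websocket to ' + url.split('&auth=')[0]);`. The cookie is also concatenated unencoded; `'relay.ashx?noping=1&auth=' + encodeURIComponent(obj.infos.ip)` keeps any character in it from being parsed as a further query parameter. `rejectUnauthorized: false` in the preceding hunk's context is tolerable only because the target is fixed to 127.0.0.1, and a comment saying so would stop it being copied to a non-loopback connection.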